<?php
 
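/**
 * Thin data-access helper for the `produk` (product) table, built on the
 * legacy ext/mysql API (mysql_* functions, available up to PHP 5.6 only).
 *
 * Security notes for maintainers:
 *  - Every value interpolated into SQL must pass through EscapeString() AND be
 *    placed inside single quotes; escaping alone does not protect unquoted
 *    numeric or identifier positions.
 *  - NOTE(review): prepared statements (mysqli/PDO) would remove the need for
 *    manual escaping, but Query() returns ext/mysql resources that callers
 *    outside this file may consume, so the API is kept as is here.
 */
class Product {

    // Declared but not referenced by any method visible in this class.
    private $ID_kategori;
    private $kategori;

    private $ID_produk;
    private $nama_produk;
    private $stok_produk;
    private $harga_produk;
    private $deskripsi;
    private $foto;

    // Connection settings; only populated while the constructor runs.
    private $Host;
    private $MySQLUsername;
    private $MySQLPassword;
    private $Database;
    // ext/mysql link identifier returned by mysql_connect().
    private $Conn;

    /**
     * Constructor: starts the session, opens the database connection and then
     * discards the credentials from the object.
     *
     * This is a PHP 4-style constructor (method named after the class). It is
     * kept because the class is tied to ext/mysql and therefore to PHP <= 5.6;
     * it must become __construct() if the class is ported to a newer runtime.
     *
     * NOTE(review): the credentials are hard-coded and use the MySQL `root`
     * account with an empty password. Load them from configuration stored
     * outside the web root and use an account limited to the rights this
     * application needs.
     */
    public function Product()
    {
        // Avoid the "session already started" notice when the including page
        // (or another helper object) has opened the session first.
        if (session_id() === '') {
            session_start();
        }

        $this->Host = "localhost";
        $this->MySQLUsername = "root";
        $this->MySQLPassword = "";
        $this->Database = "fprbpl";

        $this->Connection();

        // Drop the credentials so they cannot leak through var_dump(),
        // serialisation or error output of this object.
        unset($this->Host);
        unset($this->MySQLUsername);
        unset($this->MySQLPassword);
        unset($this->Database);
    }

    /**
     * Opens the MySQL connection and selects the database.
     *
     * Only usable from the constructor: the connection settings are unset as
     * soon as the constructor finishes. Terminates the script on failure.
     *
     * NOTE(review): no connection charset is set here. mysql_real_escape_string()
     * escapes according to the connection charset, so if the application uses
     * a non-default charset it should be set with mysql_set_charset() — confirm.
     */
    public function Connection()
    {
        // '@' keeps the PHP warning (which can include host and user name)
        // out of the response; the failure is handled explicitly below.
        $this->Conn = @mysql_connect($this->Host, $this->MySQLUsername, $this->MySQLPassword);
        if (!$this->Conn) {
            // Keep driver details in the server log, not in the HTTP response.
            error_log('Product::Connection: connect failed: ' . mysql_error());
            die('Could not connect to the database');
        }

        if (!mysql_select_db($this->Database, $this->Conn)) {
            error_log('Product::Connection: select_db failed: ' . mysql_error($this->Conn));
            die('Could not select DB');
        }
    }

    /**
     * Runs a SQL statement on this object's connection.
     *
     * The statement is executed verbatim: callers are responsible for escaping
     * and quoting every dynamic value before building $sql.
     *
     * @param string $sql Complete SQL statement.
     * @return mixed Whatever mysql_query() returns on success.
     */
    public function Query($sql)
    {
        // Use this object's own link instead of "the last opened connection".
        $result = mysql_query($sql, $this->Conn);
        if (!$result) {
            // The MySQL error text can reveal table/column names and fragments
            // of the statement, so it is logged rather than shown to the client.
            error_log('Product::Query failed: ' . mysql_error($this->Conn));
            die('Database query failed');
        }
        return $result;
    }

    /**
     * Closes this object's MySQL connection.
     */
    public function Disconnect()
    {
        mysql_close($this->Conn);
    }

    /**
     * Escapes a value for use inside a single-quoted MySQL string literal.
     *
     * The result is only safe when the caller wraps it in quotes in the SQL
     * text; it offers no protection in unquoted positions.
     *
     * @param string $badstring Raw value, typically request input.
     * @return string Escaped value.
     */
    public function EscapeString($badstring)
    {
        // With magic quotes enabled the input is already backslash-escaped;
        // undo that first so the value is escaped exactly once. (The previous
        // code computed addslashes()/stripslashes() and then discarded the
        // result, which double-escaped data on such servers.)
        if (get_magic_quotes_gpc()) {
            $badstring = stripslashes($badstring);
        }
        return mysql_real_escape_string($badstring, $this->Conn);
    }

    /**
     * Fetches every row of a result set into a zero-based array.
     *
     * @param resource $result Result handle as returned by Query().
     * @return array Rows in fetch order, each as returned by mysql_fetch_array().
     */
    public function Result_To_Array($result)
    {
        $rows = array();

        while ($row = mysql_fetch_array($result)) {
            $rows[] = $row;
        }

        return $rows;
    }

    /* Disabled legacy helper, kept for reference:
    public function Addfoto($foto)
    {
        $ID = mysql_fetch_array($this->Query("SELECT MAX(ID_foto)+1 from `foto`"));
        $ID_foto = $ID[0];
        $foto = $this->EscapeString($foto);
        $result = $this->Query("INSERT INTO `foto` (ID_foto,foto) VALUES ('$ID_foto','$foto')");
    }
    */

    /**
     * Inserts a new product and redirects the browser to beranda.php.
     *
     * All six arguments are treated as untrusted and are escaped before they
     * reach a SQL statement. The script terminates if the category name does
     * not exist in `kategori_produk`.
     *
     * NOTE(review): this method performs no authorisation check of its own;
     * the calling page presumably has to verify that the session user may add
     * products — confirm against the caller.
     * NOTE(review): the ID is derived with MAX()+1, so two concurrent requests
     * can compute the same ID; an AUTO_INCREMENT column would remove that race.
     *
     * @param string $nama_produk  Product name.
     * @param string $kategori     Category name, looked up in `kategori_produk`.
     * @param string $stok_produk  Stock quantity.
     * @param string $harga_produk Price.
     * @param string $deskripsi_p  Product description.
     * @param string $foto         Photo reference as stored in `foto_produk`.
     */
    public function AddProduct($nama_produk,$kategori,$stok_produk,$harga_produk,$deskripsi_p,$foto)
    {
        // COALESCE: MAX() is NULL on an empty table, which previously produced
        // an empty ID for the very first product.
        $ID = mysql_fetch_array($this->Query("SELECT COALESCE(MAX(ID_produk),0)+1 from `produk`"));
        $ID_produk = (int) $ID[0];

        $nama_produk = $this->EscapeString($nama_produk);

        // The category name was previously interpolated unescaped, which
        // allowed SQL injection through this parameter.
        $kategori = $this->EscapeString($kategori);
        $ID_k = mysql_fetch_array($this->Query("SELECT ID_kategori_p from `kategori_produk` where kategori_p='$kategori'"));
        if (!$ID_k) {
            // Refuse to store a product that points at no category.
            die('Unknown product category');
        }
        // Values read back from the database are escaped as well before reuse.
        $ID_kategori = $this->EscapeString($ID_k[0]);

        $stok_produk = $this->EscapeString($stok_produk);
        $harga_produk = $this->EscapeString($harga_produk);
        // Was reading the undefined $deskripsi, so the description was always
        // stored empty; the parameter is named $deskripsi_p.
        $deskripsi = $this->EscapeString($deskripsi_p);
        $foto = $this->EscapeString($foto);

        $this->Query("INSERT INTO `produk` (ID_produk,ID_kategori_produk,nama_produk,stok_produk,harga_p,deskripsi,foto_produk) VALUES ('$ID_produk','$ID_kategori','$nama_produk','$stok_produk','$harga_produk','$deskripsi','$foto')");

        // Execution continues in the caller after this header is queued; the
        // caller should stop producing output once this method returns.
        header('location:../beranda.php');
    }

}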